Add auditing for creating or updating a cert. (#845)

Paul Van de Vreede 2017-07-04 23:39:16 +10:00 committed by kevgliss
parent 9d5db3ec12
commit 53113e5eeb
2 changed files with 7 additions and 3 deletions


@ -269,7 +269,9 @@ class CertificatesList(AuthenticatedResource):
if authority_permission.can(): if authority_permission.can():
data['creator'] = g.user data['creator'] = g.user
return service.create(**data) cert = service.create(**data)
log_service.create(g.user, 'create_cert', certificate=cert)
return cert
return dict(message="You are not authorized to use the authority: {0}".format(data['authority'].name)), 403 return dict(message="You are not authorized to use the authority: {0}".format(data['authority'].name)), 403
@ -644,7 +646,9 @@ class Certificates(AuthenticatedResource):
) )
), 400 ), 400
return service.update(certificate_id, **data) cert = service.update(certificate_id, **data)
log_service.create(g.current_user, 'update_cert', certificate=cert)
return cert
class NotificationCertificatesList(AuthenticatedResource): class NotificationCertificatesList(AuthenticatedResource):
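Review bot: The two audit calls name the actor differently: the create path passes `g.user` while the update path passes `g.current_user`, and nothing in the visible lines shows that both are set on every authenticated request. If they can differ or one is unset, the audit row records the wrong user or the call raises after the certificate has already been changed; use one attribute in both places, for example `log_service.create(g.user, 'update_cert', certificate=cert)` if `g.user` is the one the auth layer guarantees. Both calls also run after `service.create`/`service.update` with no error handling, so a failed log write turns a completed issuance into an error response; decide whether the audit write should share the transaction and fail closed, or be caught and reported. The 403 branch in the create path writes no audit record, so refused attempts to use an authority leave no trace in the log. Both method bodies start outside the hunks shown.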


@ -18,6 +18,6 @@ class Log(db.Model):
__tablename__ = 'logs' __tablename__ = 'logs'
id = Column(Integer, primary_key=True) id = Column(Integer, primary_key=True)
certificate_id = Column(Integer, ForeignKey('certificates.id')) certificate_id = Column(Integer, ForeignKey('certificates.id'))
log_type = Column(Enum('key_view', name='log_type'), nullable=False) log_type = Column(Enum('key_view', 'create_cert', 'update_cert', name='log_type'), nullable=False)
logged_at = Column(ArrowType(), PassiveDefault(func.now()), nullable=False) logged_at = Column(ArrowType(), PassiveDefault(func.now()), nullable=False)
user_id = Column(Integer, ForeignKey('users.id'), nullable=False) user_id = Column(Integer, ForeignKey('users.id'), nullable=False)
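Review bot: Adding `'create_cert'` and `'update_cert'` to the `Enum(..., name='log_type')` column changes only the model; the commit touches two files and neither is a schema migration. On a backend that stores this column as a native enum type (PostgreSQL, presumably), the existing `log_type` type would still accept only `'key_view'`, so the new `log_service.create` calls would fail at insert time on any already-deployed database. A migration that adds the two values to the existing type should ship with this change. The `Log` class continues beyond the hunk.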